CIOs’ confab ensures information security
A representative group of senior government officials met in conference in Colombo recently to address the problem of information security that is currently on the increase in the world including Sri Lanka.
The objective of the conference organised by the Information and Communication Technology Agency of Sri Lanka (ICTA) under its Re-engineering Government program was to equip the participants selected from among senior government officials who are also the Chief Innovative Officers of assigned areas to face the threats to information security.
The conference included several informative presentations as well as vendor presentations aimed at giving participants a succinct and yet full ‘carry-home package of thinking’ that would include practical applications enabling their active leadership in promoting information security.
Welcoming the participants and introducing the theme of the conference ICTA’s Program Director -Re-engineering Government - Wasantha Deshap- riya said that it was a great opportunity that the conference offered for all participants to meet one another with the same professional objective in a manner they could be exposed to the latest thinking on the subject and to exchange views on how to face up to the current state where concomitant with the removal of restrictions to information there is also a serious threat to misappropriation and destruction of information.
ICTA’s Program Director and Legal Advisor Jayantha Fernando gave a comprehensive overview of the legal aspects of Information Security showing the development of legal measures of safeguards against computer-based crimes running parallel to the advancement in computer technology and its wider use.
SLCERT (Sri Lanka Computer Emergency Response Team) Information Security Consultant Lakshman Soysa presenting a survey of Information Security said that information security breaches could affect individuals as well as organisations and in an interconnected world even the smallest security incident in one place could lead to more serious attacks elsewhere.
“Attacks can occur in the form of illegal manipulation (corruption, destruction) and usage (blackmail, identity theft) of information and information systems. Measures for securing information can be physical, administrative or technical in nature.
An example of a physical measure would be a (Closed Circuit Television) CCTV monitoring system, while Information Security policies and standards would come under administrative measures and ‘Firewalls’ based on security rules and ‘Intrusion detection systems’ based on anomaly-detection come under Technical measures. All Security measures must work in synergy to create a holistic security environment,” Lakshan emphasised.
TechCart CEO Dr.Shanta Fernando in his presentation on “Information Security and Business Continuity Management” gave a step-by-step explanation on how information security could be achieved at the desired level.
While ICTA’s Program Manager - Re-engineering Government Aunuruddha Pebotuwa took the participants to a pragmatic view on ‘Securing ICT Systems in the Government’, CISSP (Certified Information Security Systems Professional) Information Security Consultant Dilan Walagampaya in his presentation prevailed upon the audience on the need of classification for information security and explained, inter alia, the classification process.